home (/)
Event Actions
Input Filters
Global Actions Log out (/users/logout)
View
0 proposals in 0 events (/events/proposalEventIndex) Malware Information Sharing Platform
Event
MISP
Event
(/events/view/134) View Event History
ID
134
Uuid
52d7defa-d134-4d7d-b9fa-05d3c1bface8
Org
MISP
Contributors (/logs/event_index/134) Tags Propose
Date
2014-01-16
Risk
Medium
Attribute
Analysis (/shadow_attributes/add/134) Distribution
Completed
Propose
the event to be freely propagated from one server to the next..
Attachment
All communities, this will share the event with all MISP communities, allowing
Info
Tasking Trojan (PlugX again)
Published (/shadow_attributes/add_attachment/134)
Download
Pivots
Attributes
Yes Discussion
as XML
(/events/removePivot/134/134) 134: Tasking... (/events/xml/download/134) (/events/view/134/1/134) Download Date Category as IOC
Type
Value
Download
2014-01-16 Payload installation filename
as CSV
2014-01-16 (/events/csv/download/134)
List Events (/events/index)
Comment
Related
IDS
Distribution Actions
tasking.exe
No
All
(/shadow_
6ab333c2bf6809b7bdc37c1484c771c5
No
All
(/shadow_
Events
(/events/downloadOpenIOCEvent/134)
md5
2014-01-16 Network activity
hostname mongolia.regionfocus.com
Yes
All
(/shadow_
2014-01-16
hostname peaceful.linkpc.net
Yes
All
(/shadow_
2014-01-16
hostname mseupdate.strangeled.net
Yes
All
(/shadow_
2014-01-16 External analysis
link
No
All
(/shadow_
http://normanshark.com/blog/plugxused-mongolian-targets/ (http://normanshark.com/blog/plugxused-mongolian-targets/)
« previous
next »
Page 1 of 1, showing 0 records out of 0 total, starting on record 0, ending on 0
« previous next » Could not locate the PGP/GPG Powered public by MISP key. version 2.2 © Belgian Defense CERT & NCIRC Quote Event
Send
Thread